CVE-2021-34523

The repository contains a Python script that scans for the ProxyShell vulnerability (CVE-2021-34523) by sending a crafted HTTP request to the target and checking for a specific response pattern. It does not include exploit code for achieving RCE but confirms vulnerability presence.

The repository contains a Nuclei template for detecting CVE-2021-34523, an elevation of privilege vulnerability in Microsoft Exchange Server. It sends a crafted HTTP request to the autodiscover endpoint and checks for specific response patterns (302 redirect and 'errorfe.aspx') to identify vulnerable systems.

This repository contains functional exploit code for CVE-2021-34523 (ProxyShell), demonstrating remote code execution (RCE) against Microsoft Exchange Server. The scripts include enumeration, token generation, and RCE capabilities via PowerShell remoting.

This repository contains a functional exploit for CVE-2021-34523 (ProxyShell), which chains authentication bypass and arbitrary file write vulnerabilities in Microsoft Exchange Server to achieve remote code execution. The exploit automates the process of obtaining a token, writing a webshell, and executing commands as SYSTEM.

This repository contains a functional exploit for ProxyShell (CVE-2021-34523), combining elements from two prior PoCs to achieve remote code execution on Microsoft Exchange servers. It leverages authentication bypass and arbitrary file write vulnerabilities to execute PowerShell commands.

This repository contains a functional exploit for the ProxyShell vulnerability chain (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) affecting Microsoft Exchange Server. The exploit automates the attack chain, including enumeration of emails and LegacyDNs from Active Directory, and handles load-balanced environments.

This repository contains a scanner for detecting the Proxyshell vulnerability (CVE-2021-34473) in Microsoft Exchange Server. It includes a Python script and a Nuclei template to check for the presence of the vulnerability by sending a crafted HTTP request and checking for specific response headers.

This Metasploit module exploits CVE-2021-34473, a vulnerability in Microsoft Exchange Server that allows an attacker to bypass authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution.

This repository contains a functional exploit for CVE-2021-34523 (ProxyShell), which chains multiple vulnerabilities in Microsoft Exchange Server to achieve unauthenticated remote code execution. The exploit follows a multi-stage attack, including SSRF, SID manipulation, and PowerShell remoting to deploy a webshell.